Auto Isolate w/ PowerAutomate + Defender for Endpoint

preview_player
Показать описание
Being able to automatically isolate a device from the network during a cyber incident can be beneficial, but how do you do that? With Microsoft Power Automate + Microsoft Defender for Endpoint!

  1. Matt Soseman
  2. powerautomate
  3. defender for endpoint
  4. edr
  5. microsoft defender
Рекомендации по теме
Auto Isolate w/ 0:02:37

Auto Isolate w/ PowerAutomate + Defender for Endpoint

Isolate and Control 0:00:45

Isolate and Control Any Machine with This Powerful Tool #shorts

Isolate Devices During 0:02:12

Isolate Devices During an Incident - Morning Cyber Walks w/ Matt

Creating Cloud App 0:01:32

Creating Cloud App Security Alert in Power Automate

Isolation & Live 0:06:06

Isolation & Live Response | Microsoft Defender for Endpoint

detect threats and 0:04:00

detect threats and take isolation actions using Microsoft Defender for Endpoint

CONFIGURE AND MANAGE 0:10:07

CONFIGURE AND MANAGE AUTOMATION USING MICROSOFT DEFENDER FOR ENDPOINT

Microsoft Flow & 0:04:47

Microsoft Flow & MS Defender ATP Integration - Demo

Control & Visibility 0:12:06

Control & Visibility for the Power Platform with Managed Environments

UI Elements and 0:37:22

UI Elements and Selectors in Power Automate Desktop - Full Tutorial

Automating Security Alerts 0:06:32

Automating Security Alerts with Power Automate & Cloud App Security

Block SaaS Apps 0:06:48

Block SaaS Apps w/ Power Automate + Defender for Endpoint + Defender for Cloud Apps!

Microsoft Defender ATP 0:03:30

Microsoft Defender ATP Isolation and release of endpoint

How to implement 0:29:58

How to implement device auto-tagging on Defender for Endpoint

BITS - Endpoint 0:06:45

BITS - Endpoint Isolation

6.3 Dealing with 0:21:08

6.3 Dealing with Ransomware via Sentinel automation, MDE from Zero to Hero

Error Handling in 0:17:21

Error Handling in Power Automate flows | Try Catch Scope Action

How to retrieve 0:14:37

How to retrieve a random YouTube video from a YouTube playlist with Power Automate

MDE Tutorial -16 0:15:00

MDE Tutorial -16 - App and Browser Isolation Policy in Microsoft Defender for Endpoints

Auto solve Cyberpunk 0:00:47

Auto solve Cyberpunk breach mini game with Powershell & OCR

Secure & Manage 0:12:05

Secure & Manage Power Apps, Power Automate, RPA and the rest of the Power Platform

How Fountane uses 0:00:59

How Fountane uses EngageWith to automate Birthday and Work Anniversary reminders

How to automate 0:01:23

How to automate windows defender

Disrupt Human-Operated Attacks 0:05:44

Disrupt Human-Operated Attacks Early by Containing Users

Комментарии
Автор

You can also do this now using Custom Detection rules in the Defender Portal. By using a kql query and Continuous (NRT) frequency gives you near realtime alerting and isolating of devices without needing a flow or Microsoft Sentinel to do so.

ZeroInDaHouse
Автор

This should be the same with Playbook from the Microsoft SIEM

yusufbuhari
join shbcf.ru